package com.czkt.config;

import com.czkt.entity.SysRight;
import com.czkt.entity.vo.UserRole;
import com.czkt.service.ISysRoleRightService;
import com.czkt.service.ISysUserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.data.redis.core.ValueOperations;

import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.TimeUnit;

public class MyShiroRealm extends AuthorizingRealm {
    @Resource
    private ISysUserService userService;

    @Resource
    private ISysRoleRightService sysRoleRightService;

    @Resource
    private StringRedisTemplate stringRedisTemplate;


    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        UserRole userRole = (UserRole) principalCollection.getPrimaryPrincipal();
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        userRole.setSysRights(sysRoleRightService.roleRight(userRole.getRoleId()));
        List<String> list = new ArrayList<>();
        for (SysRight sysRights: userRole.getSysRights()){
            list.add(sysRights.getRightCode());
        }
        simpleAuthorizationInfo.addStringPermissions(list);
        return simpleAuthorizationInfo;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //获得身份信息
//        UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken;
        String usrName = (String) authenticationToken.getPrincipal();
//        String usrName = token.getUsername();
        UserRole userRole = userService.selectRoleUser(usrName);
        if(userRole == null){
            throw new UnknownAccountException();//账号错误
        }
        if (userRole.getUsrFlag()==null || userRole.getUsrFlag() == 0){
            throw new LockedAccountException();//账号锁定
        }
        //身份(根据用户名查询数据库获得的用户)  凭证(查询数据库获得的密码)  Realm对象的名称
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(userRole,userRole.getUsrPassword(), ByteSource.Util.bytes("czkt"),getName());
        //返回身份信息
        return info;
    }

    public void clearMyCachedAuthorizationInfo(){
        //获取当前登录的用户
        PrincipalCollection temp = SecurityUtils.getSubject().getPrincipals();
        clearCachedAuthorizationInfo(temp);
    }

    public void clearAllCachedAuthorizationInfo() {
        if (this.isAuthorizationCachingEnabled()) {//权限缓存是否可用
            Cache<Object, AuthorizationInfo> cache = null;
            CacheManager cacheManager = this.getCacheManager();
            if (cacheManager != null) {
                String cacheName = this.getAuthorizationCacheName();  //获得权限缓存名称
                cache = cacheManager.getCache(cacheName);  //获得权限缓存
            }
            if (cache != null) {
                cache.clear();  //清空
            }
        }
    }
}
